1. Field of the Invention
This invention relates to computing systems, and more particularly, to efficient security protocols in a virtualized datacenter environment.
2. Description of the Relevant Art
As computer performance increases for both desktops and servers, it becomes more desirable to efficiently utilize the available high performance. Multiprocessing is one technique that enables several software applications to share a multi-core processor or even a multi-threaded core. With these techniques a general-purpose operating system (OS) has control of a system's physical resources, such as allocation of the physical resources and management of external storage. Further techniques such as virtual memory and I/O device abstraction support the illusion that each software application controls all physical resources, or even more resources than are physically available.
Additional techniques involving virtualization have proved to be a powerful technology to simplify software development and testing, to enable server consolidation, and to enhance datacenter agility. Virtualization broadly describes the separation of a service request from the underlying physical delivery of that service. A software layer, or virtualization layer, may be added between the hardware and the OS. In one instance, this software layer runs on top of a host OS and spawns higher level virtual machines (VMs). This software layer monitors corresponding VMs and redirects requests for resources to appropriate application program interfaces (APIs) in the hosting environment. This type of software layer is referred to as a virtual machine monitor (VMM).
In another instance, a software layer runs directly on the hardware without the need of a host OS. This type of software layer, or type of VMM, is referred to as a hypervisor. Although a hypervisor is a software layer, to be effective this layer may need hardware assistance. Privileged and sensitive calls within a corresponding OS may be set to automatically trap to the hypervisor, removing a requirement for binary translation.
Analogous to a general-purpose OS, presenting the appearance to multiple software applications that each application has unrestricted access to a set of computing resources, a VMM manages a computer's, or a machine's, physical resources and presents these resources to one or more VMs. This method creates an illusion for an OS within each VM that the OS has full access to the physical resources that have been made visible. Such an approach allows for time-sharing a single computer between several single-tasking OSes.
Fully abstracting the OS and applications from the hardware and encapsulating them into portable VMs has enabled virtual infrastructure features generally not possible with hardware alone. For example, servers may run in extremely fault tolerant configurations on a virtual infrastructure with no downtime needed for backups or hardware maintenance. A datacenter, which also may be referred to as a server room, is a centralized repository, either physical or virtual, for the storage, management, and dissemination of data pertaining to one or more businesses. Increasingly, datacenters are demanding rapid adaptability, requiring a single server to run one operating system for a period of time then be quickly redeployed to run another operating system serving a different purpose. Virtual machines may be used to provide this resource management capability.
There are several approaches to performing virtualization. However, virtualizing the x86 processor architecture is not straightforward, since this architecture originally did not support a set of conditions to efficiently support system virtualization, such as the Popek and Goldberg virtualization requirements set forth in the 1974 article Gerald J. Popek and Robert P. Goldberg (1974), “Formal Requirements for Virtualizable Third Generation Architectures”, Communications of the ACM 17 (7): pp. 412-421. These types of virtualization are part of a developing field, which has potential security issues with guest OS cache data and unauthenticated connections.
Enterprise hypervisors are currently one of the most volatile areas of the industry. Security products in these virtualized environments need to support OSes in many different hypervisor guests and it is common for enterprise datacenters to require support for both 64-bit and 32-bit VMs. Currently, specific security resources, such as threat signatures, may often be different on different OSes. However, it is desirable to have a single underlying infrastructure providing common security operations on different OSes, such as memory or filesystem scanning and process management. A single infrastructure may avoid the need to build unique security systems for each OS or hypervisor, or for each combination of a matrix of N×N combinations of operating systems and hypervisors.
Further, while hypervisors may enable moving security functions out from within general VMs to external entities, such externally based approaches may suffer from a “semantic gap” problem. A semantic gap problem may exist due to the external entity not having the native contextual view that an internally based entity may have. Useful security solutions require run-time knowledge of both OS and kernel internal operations, such as process data structures, sockets, files, and so forth, to perform meaningful remediation, behavior analysis, and false positive analysis. Unfortunately, kernel-formulated semantics is generally only accessible via the kernel itself.
In view of the above, efficient methods and mechanisms for efficient security protocols in a virtualized datacenter environment are desired.